diff options
Diffstat (limited to 'nixos/modules/services/misc/sourcehut/default.xml')
-rw-r--r-- | nixos/modules/services/misc/sourcehut/default.xml | 113 |
1 files changed, 0 insertions, 113 deletions
diff --git a/nixos/modules/services/misc/sourcehut/default.xml b/nixos/modules/services/misc/sourcehut/default.xml deleted file mode 100644 index 1d8330931ddf..000000000000 --- a/nixos/modules/services/misc/sourcehut/default.xml +++ /dev/null @@ -1,113 +0,0 @@ -<!-- Do not edit this file directly, edit its companion .md instead - and regenerate this file using nixos/doc/manual/md-to-db.sh --> -<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="module-services-sourcehut"> - <title>Sourcehut</title> - <para> - <link xlink:href="https://sr.ht.com/">Sourcehut</link> is an - open-source, self-hostable software development platform. The server - setup can be automated using - <link linkend="opt-services.sourcehut.enable">services.sourcehut</link>. - </para> - <section xml:id="module-services-sourcehut-basic-usage"> - <title>Basic usage</title> - <para> - Sourcehut is a Python and Go based set of applications. This NixOS - module also provides basic configuration integrating Sourcehut - into locally running <literal>services.nginx</literal>, - <literal>services.redis.servers.sourcehut</literal>, - <literal>services.postfix</literal> and - <literal>services.postgresql</literal> services. - </para> - <para> - A very basic configuration may look like this: - </para> - <programlisting> -{ pkgs, ... }: -let - fqdn = - let - join = hostName: domain: hostName + optionalString (domain != null) ".${domain}"; - in join config.networking.hostName config.networking.domain; -in { - - networking = { - hostName = "srht"; - domain = "tld"; - firewall.allowedTCPPorts = [ 22 80 443 ]; - }; - - services.sourcehut = { - enable = true; - git.enable = true; - man.enable = true; - meta.enable = true; - nginx.enable = true; - postfix.enable = true; - postgresql.enable = true; - redis.enable = true; - settings = { - "sr.ht" = { - environment = "production"; - global-domain = fqdn; - origin = "https://${fqdn}"; - # Produce keys with srht-keygen from sourcehut.coresrht. - network-key = "/run/keys/path/to/network-key"; - service-key = "/run/keys/path/to/service-key"; - }; - webhooks.private-key= "/run/keys/path/to/webhook-key"; - }; - }; - - security.acme.certs."${fqdn}".extraDomainNames = [ - "meta.${fqdn}" - "man.${fqdn}" - "git.${fqdn}" - ]; - - services.nginx = { - enable = true; - # only recommendedProxySettings are strictly required, but the rest make sense as well. - recommendedTlsSettings = true; - recommendedOptimisation = true; - recommendedGzipSettings = true; - recommendedProxySettings = true; - - # Settings to setup what certificates are used for which endpoint. - virtualHosts = { - "${fqdn}".enableACME = true; - "meta.${fqdn}".useACMEHost = fqdn: - "man.${fqdn}".useACMEHost = fqdn: - "git.${fqdn}".useACMEHost = fqdn: - }; - }; -} -</programlisting> - <para> - The <literal>hostName</literal> option is used internally to - configure the nginx reverse-proxy. The <literal>settings</literal> - attribute set is used by the configuration generator and the - result is placed in <literal>/etc/sr.ht/config.ini</literal>. - </para> - </section> - <section xml:id="module-services-sourcehut-configuration"> - <title>Configuration</title> - <para> - All configuration parameters are also stored in - <literal>/etc/sr.ht/config.ini</literal> which is generated by the - module and linked from the store to ensure that all values from - <literal>config.ini</literal> can be modified by the module. - </para> - </section> - <section xml:id="module-services-sourcehut-httpd"> - <title>Using an alternative webserver as reverse-proxy (e.g. - <literal>httpd</literal>)</title> - <para> - By default, <literal>nginx</literal> is used as reverse-proxy for - <literal>sourcehut</literal>. However, it’s possible to use e.g. - <literal>httpd</literal> by explicitly disabling - <literal>nginx</literal> using - <xref linkend="opt-services.nginx.enable" /> and fixing the - <literal>settings</literal>. - </para> - </section> -</chapter> |